package auth

import "net/http"

const (
	cookieName = "staffjoy-faraday"
	cookie
	uuidKey = "uuid"

	//AuthorizationHeader is the http request header key used for accessing the internal authorization
	AuthorizationHeader = "Authorization"

	//	AuthorizationAnonymousWeb is set as the Authorization header to denote that
	//	a request is being made by an unauthenticated web user
	AuthorizationAnonymousWeb = "faraday-anonymous"

	// AuthorizationAuthenticatedUser is set as the Authorization header to denote that
	// a request is being made by an authenticated web user
	AuthorizationAuthenticatedUser = "faraday-authenticated"
)

//ProxyHeaders copies http headers
func ProxyHeaders(from, to http.Header) {
	//Range over the headers
	for k, v := range from {
		//TODO - filter restricted headers

		//Multiple header values may exists per key
		for _, x := range v {
			to.Add(k, x)
		}
	}
}

//SetInternalHeaders is used by Faraday to sanitize incoming external requests and convert them to
//internal requests with authorization information
func SetInternalHeaders(externalReq *http.Request, internalHeaders http.Header) {
	ProxyHeaders(externalReq.Header, internalHeaders)

	//default to anonymous web then prove otherwise
	//authorization := AuthorizationAnonymousWeb

}
